[Secure-testing-commits] r46128 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 11 18:29:33 UTC 2016
Author: carnil
Date: 2016-11-11 18:29:33 +0000 (Fri, 11 Nov 2016)
New Revision: 46128
Modified:
data/CVE/list
Log:
Mark CVE-2016-5117 as unimportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-11 17:58:22 UTC (rev 46127)
+++ data/CVE/list 2016-11-11 18:29:33 UTC (rev 46128)
@@ -14463,11 +14463,12 @@
NOTE: http://support.ntp.org/bin/view/Main/NtpBug3045
CVE-2016-5117 [OpenNTPD not verifying CN during HTTPS constraints request]
RESERVED
- - openntpd <unfixed> (bug #825856)
+ - openntpd <unfixed> (bug #825856; unimportant)
[jessie] - openntpd <not-affected> (Vulnerable code introduced later)
[wheezy] - openntpd <not-affected> (Vulnerable code introduced later)
NOTE: http://www.openwall.com/lists/oss-security/2016/05/23/2
NOTE: Authenticated TLS "contraints" introduced in 2015-03-24 OpenNTPD 5.7p4
+ NOTE: Option is not enabled at buildtime.
CVE-2016-4964 [scsi: mptsas infinite loop in mptsas_fetch_requests]
RESERVED
- qemu 1:2.6+dfsg-2 (bug #825207)
More information about the Secure-testing-commits
mailing list